package com.abing.core.utils.rsatest.client;

import com.abing.core.utils.rsatest.RSAUtils;
import com.abing.core.utils.rsatest.service.PayController;
import com.abing.core.utils.rsatest.service.ServerConfig;
import org.springframework.web.client.RestTemplate;

import java.util.HashMap;
import java.util.Map;

public class ClientExample {

    private static final RestTemplate restTemplate = new RestTemplate();

    public static void main(String[] args) {
        try {
            // 1. 构造业务数据（明文）
            Map<String, String> requestData = new HashMap<>();
            requestData.put("orderId", "EXT20240520123456");
            requestData.put("amount", "100.00");
            requestData.put("currency", "CNY");

            // 2. 加密业务数据（使用服务端公钥）
            String plainData = requestData.toString();
            String encryptedData = RSAUtils.encrypt(ClientConfig.SERVER_PUBLIC_KEY, plainData);
            System.out.println("客户端加密后的业务数据: " + encryptedData);

            // 3. 生成签名（使用自身私钥对请求签名串签名）
            String timestamp = String.valueOf(System.currentTimeMillis() / 1000); // 当前时间戳（秒）
            String signStr = timestamp + "|" + encryptedData; // 签名串（与服务端验签逻辑一致）
            String signature = RSAUtils.sign(ClientConfig.CLIENT_PRIVATE_KEY, signStr);
            System.out.println("客户端请求签名: " + signature);

            // 4. 构造HTTP请求体
            Map<String, String> requestBody = new HashMap<>();
            requestBody.put("encryptedData", encryptedData);
            requestBody.put("signature", signature);
            requestBody.put("timestamp", timestamp);

            // 5. 发送POST请求到服务端
//            String url = "http://your-server-domain/api/pay";
//            Map<String, Object> response = restTemplate.postForObject(url, requestBody, Map.class);
            Map<String, Object> response = PayController.pay(requestBody);

            // 6. 处理响应
            if (response != null && "200".equals(response.get("code"))) {
                // 6.1 验响应签名（使用服务端签名公钥）
                String encryptedResponse = (String) response.get("encryptedData");
                String responseSignature = (String) response.get("signature");
                boolean isResponseSignValid = RSAUtils.verify(
                        ClientConfig.SERVER_PUBLIC_KEY,
                    encryptedResponse, 
                    responseSignature
                );
                if (!isResponseSignValid) {
                    System.out.println("响应签名验证失败");
                    return;
                }

                // 6.2 解密响应数据（使用自身私钥）
                String decryptedResponse = RSAUtils.decrypt(ClientConfig.CLIENT_PRIVATE_KEY, encryptedResponse);
                System.out.println("客户端解密服务端的响应数据: " + decryptedResponse);
                // 解析 decryptedResponse（JSON 格式）获取 orderId、status 等字段...
            } else {
                System.out.println("接口调用失败: " + response);
            }

        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}